Page 821 of 5145 results (0.013 seconds)

CVSS: 4.9EPSS: 0%CPEs: 6EXPL: 0

The sco_sock_recvmsg function in net/bluetooth/sco.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función sco_sock_recvmsg en net/bluetooth/sco.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta longitud de variable, permitiendo a usuarios locales obtener información sensible desde la pila del kernel mediante una syscall recvmsg o recvfrom. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=c8c499175f7d295ef867335bceb9a76a2c3cdc38 http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html http://www.openwall.com/lists/oss-security/2013/04/14/3 http://www.ubuntu.com/usn/USN-1837-1 https://github.com/torvalds/linux/commit/c8c499175f7d295ef867335bceb9a76a2c3cdc38 https://lkml.org/lkml/2013/4/14/107 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.9EPSS: 0%CPEs: 6EXPL: 0

The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función caif_seqpkt_recvmsg en net/caif/caif_socket.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta longitud de variable, permitiendo a usuarios locales obtener información sensible desde la pila del kernel mediante una syscall recvmsg o recvfrom. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=2d6fbfe733f35c6b355c216644e08e149c61b271 http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00016.html http://lists.opensuse.org/opensuse-security-announce/2013-07/msg00018.html http://lists.opensuse.org/opensuse-updates/2013-12/msg00129.html http://www.mandriva.com/security/advisories?name=MDVSA-2013:176 http://www.openwall.com/lists/oss-security/2013/04/14/3 http://www.ubuntu.com/usn/USN-1837-1&# • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 4.9EPSS: 0%CPEs: 6EXPL: 0

The vmci_transport_dgram_dequeue function in net/vmw_vsock/vmci_transport.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call. La función vmci_transport_dgram_dequeue en net/vmw_vsock/vmci_transport.c en el kernel de Linux anterior a v3.9-rc7 no inicializa correctamente cierta longitud de variable, permitiendo a usuarios locales obtener información sensible desde la pila del kernel mediante una syscall recvmsg o recvfrom. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=680d04e0ba7e926233e3b9cee59125ce181f66ba http://www.openwall.com/lists/oss-security/2013/04/14/3 http://www.openwall.com/lists/oss-security/2013/04/22/11 http://www.openwall.com/lists/oss-security/2013/04/22/13 http://www.openwall.com/lists/oss-security/2013/04/22/14 http://www.openwall.com/lists/oss-security/2013/04/22/3 http://www.openwall.com/lists/oss-security/2013/04/23/ • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.8EPSS: 0%CPEs: 9EXPL: 4

Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of kernel memory, and consequently gain privileges, via crafted /dev/graphics/fb0 mmap2 system calls, as demonstrated by the Motochopper pwn program. Una determinada version de Android v4.1.2 en dispositivos Motorola Razr HD, Razr M, y Atrix HD con el chipset Qualcomm MSM8960 permite a atacantes físicamente próximos obtener acceso de root entrando en el modo de depuración USB, usando Android Debug Bridge (ADB) para establecer una conexión USB, y cargar y ejecutar el programa pwn Motochopper. An integer overflow flaw was found in the way the Linux kernel's Frame Buffer device implementation mapped kernel memory to user space via the mmap syscall. A local user able to access a frame buffer device file (/dev/fb*) could possibly use this flaw to escalate their privileges on the system. Linux kernel fb_mmap function in drivers/video/fbmem.c contains an integer overflow vulnerability that allows for privilege escalation. • http://forum.xda-developers.com/showthread.php?t=2255491 http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=b4cbb197c7e7a68dbad0d491242e3ca67420c13e http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=fc9bbca8f650e5f738af8806317c0a041a48ae4a http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10761 http://marc.info/? • CWE-190: Integer Overflow or Wraparound •

CVSS: 7.2EPSS: 0%CPEs: 216EXPL: 1

The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONE_NEWUSER and CLONE_FS flags, which allows local users to gain privileges by calling chroot and leveraging the sharing of the / directory between a parent process and a child process. La implementación de la llamada al sistema clone en el kernel Linux anteriores a v3.8.3 no maneja de forma adecuada la combinación de las «flags» CLONE_NEWUSER y CLONE_FS, lo que permite a usuarios locales obtener privilegios llamando a chroot aprovechando la compartición del directorio / entre un proceso padre y un proceso hijo. • http://git.kernel.org/?p=linux/kernel/git/torvalds/linux-2.6.git%3Ba=commit%3Bh=e66eded8309ebf679d3d3c1f5820d1f2ca332c71 http://stealth.openwall.net/xSports/clown-newuser.c http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.8.3 http://www.openwall.com/lists/oss-security/2013/03/14/6 https://bugzilla.redhat.com/show_bug.cgi?id=921448 https://github.com/torvalds/linux/commit/e66eded8309ebf679d3d3c1f5820d1f2ca332c71 • CWE-264: Permissions, Privileges, and Access Controls •